Monitoring and trending are two ways to show that you have a mature privacy program. How do you decide what to monitor, how often to monitor and what to look for when you are monitoring? A monitoring program should begin with your compliance requirements and risks. What do the laws, regulations or mandates say you have to do? What do your contractual agreements obligate you to do? What duties have you made others responsible for? Are they doing what they are supposed to do, and can they produce documentation showing that? In the final installment of this 10-part series, Deidre Rodriguez, CIPP/US, offers advice on how to most effectively monitor and trend the privacy program at your organization. Missed the first nine parts of this series? Find them here.
If you want to comment on this post, you need to login.